cvelistv5 - cve-2022-31124

CVE-2022-31124 (GCVE-0-2022-31124)

Vulnerability from cvelistv5

Published

2022-07-06 17:30

Modified

2025-04-22 17:51

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-209 - Generation of Error Message Containing Sensitive Information

Summary

openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key's sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue.

References

URL

Tags

security-advisories@github.com	https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/scottcwang/openssh_key_parser/pull/5	Exploit, Issue Tracking, Third Party Advisory
security-advisories@github.com	https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/scottcwang/openssh_key_parser/pull/5	Exploit, Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499	Third Party Advisory

Impacted products

	Vendor	Product	Version
	scottcwang	openssh_key_parser	Version: < 0.0.6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:11:39.371Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/scottcwang/openssh_key_parser/pull/5"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-31124",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-22T15:45:44.952333Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-22T17:51:53.172Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openssh_key_parser",
          "vendor": "scottcwang",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.0.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-209",
              "description": "CWE-209: Generation of Error Message Containing Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-06T17:30:27.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/scottcwang/openssh_key_parser/pull/5"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c"
        }
      ],
      "source": {
        "advisory": "GHSA-hm37-9xh2-q499",
        "discovery": "UNKNOWN"
      },
      "title": "Possible leak of key\u0027s raw field if declared length is incorrect in openssh_key_parser",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-31124",
          "STATE": "PUBLIC",
          "TITLE": "Possible leak of key\u0027s raw field if declared length is incorrect in openssh_key_parser"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "openssh_key_parser",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 0.0.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "scottcwang"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-209: Generation of Error Message Containing Sensitive Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499",
              "refsource": "CONFIRM",
              "url": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499"
            },
            {
              "name": "https://github.com/scottcwang/openssh_key_parser/pull/5",
              "refsource": "MISC",
              "url": "https://github.com/scottcwang/openssh_key_parser/pull/5"
            },
            {
              "name": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3",
              "refsource": "MISC",
              "url": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3"
            },
            {
              "name": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39",
              "refsource": "MISC",
              "url": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39"
            },
            {
              "name": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c",
              "refsource": "MISC",
              "url": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-hm37-9xh2-q499",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-31124",
    "datePublished": "2022-07-06T17:30:27.000Z",
    "dateReserved": "2022-05-18T00:00:00.000Z",
    "dateUpdated": "2025-04-22T17:51:53.172Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-31124\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2022-07-06T18:15:19.290\",\"lastModified\":\"2024-11-21T07:03:56.773\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue.\"},{\"lang\":\"es\",\"value\":\"openssh_key_parser es un paquete de c\u00f3digo abierto de Python que proporciona utilidades para analizar y empaquetar archivos de clave p\u00fablica y privada de OpenSSH. En versiones anteriores a 0.0.6, si un campo de una clave es m\u00e1s corto de lo que se declara, el analizador genera un error con un mensaje que contiene el valor del campo en bruto. Un atacante capaz de modificar la longitud declarada del campo confidencial de una clave puede as\u00ed exponer el valor bruto de ese campo. Es recomendado a usuarios actualizar a versi\u00f3n 0.0.6, que ya no incluye el valor bruto del campo en el mensaje de error. No se presentan mitigaciones conocidas para este problema\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":7.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.1,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-209\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-209\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssh_key_parser_project:openssh_key_parser:*:*:*:*:*:python:*:*\",\"versionEndExcluding\":\"0.0.6\",\"matchCriteriaId\":\"EBB0728B-4846-443F-B4E1-4FF1A0A615C1\"}]}]}],\"references\":[{\"url\":\"https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/scottcwang/openssh_key_parser/pull/5\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/scottcwang/openssh_key_parser/pull/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/pull/5\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T07:11:39.371Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-31124\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-22T15:45:44.952333Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-22T15:45:47.453Z\"}}], \"cna\": {\"title\": \"Possible leak of key\u0027s raw field if declared length is incorrect in openssh_key_parser\", \"source\": {\"advisory\": \"GHSA-hm37-9xh2-q499\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"scottcwang\", \"product\": \"openssh_key_parser\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 0.0.6\"}]}], \"references\": [{\"url\": \"https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/pull/5\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-209\", \"description\": \"CWE-209: Generation of Error Message Containing Sensitive Information\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2022-07-06T17:30:27.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, \"source\": {\"advisory\": \"GHSA-hm37-9xh2-q499\", \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"\u003c 0.0.6\"}]}, \"product_name\": \"openssh_key_parser\"}]}, \"vendor_name\": \"scottcwang\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499\", \"name\": \"https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/pull/5\", \"name\": \"https://github.com/scottcwang/openssh_key_parser/pull/5\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3\", \"name\": \"https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39\", \"name\": \"https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c\", \"name\": \"https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-209: Generation of Error Message Containing Sensitive Information\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-31124\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Possible leak of key\u0027s raw field if declared length is incorrect in openssh_key_parser\", \"ASSIGNER\": \"security-advisories@github.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-31124\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-22T17:51:53.172Z\", \"dateReserved\": \"2022-05-18T00:00:00.000Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2022-07-06T17:30:27.000Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

fkie_cve-2022-31124

Vulnerability from fkie_nvd

Published

2022-07-06 18:15

Modified

2024-11-21 07:03

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/scottcwang/openssh_key_parser/pull/5	Exploit, Issue Tracking, Third Party Advisory
security-advisories@github.com	https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/scottcwang/openssh_key_parser/pull/5	Exploit, Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499	Third Party Advisory

Impacted products

	Vendor	Product	Version
	openssh_key_parser_project	openssh_key_parser	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssh_key_parser_project:openssh_key_parser:*:*:*:*:*:python:*:*",
              "matchCriteriaId": "EBB0728B-4846-443F-B4E1-4FF1A0A615C1",
              "versionEndExcluding": "0.0.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue."
    },
    {
      "lang": "es",
      "value": "openssh_key_parser es un paquete de c\u00f3digo abierto de Python que proporciona utilidades para analizar y empaquetar archivos de clave p\u00fablica y privada de OpenSSH. En versiones anteriores a 0.0.6, si un campo de una clave es m\u00e1s corto de lo que se declara, el analizador genera un error con un mensaje que contiene el valor del campo en bruto. Un atacante capaz de modificar la longitud declarada del campo confidencial de una clave puede as\u00ed exponer el valor bruto de ese campo. Es recomendado a usuarios actualizar a versi\u00f3n 0.0.6, que ya no incluye el valor bruto del campo en el mensaje de error. No se presentan mitigaciones conocidas para este problema"
    }
  ],
  "id": "CVE-2022-31124",
  "lastModified": "2024-11-21T07:03:56.773",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-06T18:15:19.290",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://github.com/scottcwang/openssh_key_parser/pull/5"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://github.com/scottcwang/openssh_key_parser/pull/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-209"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-209"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

pysec-2022-233

Vulnerability from pysec

Published

2022-07-06 18:15

Modified

2023-05-25 05:07

Details

Impacted products

Name	purl
openssh-key-parser	pkg:pypi/openssh-key-parser

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "openssh-key-parser",
        "purl": "pkg:pypi/openssh-key-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "d5b53b4b7e76c5b666fc657019dbf864fb04076c"
            },
            {
              "fixed": "26e0a471e9fdb23e635bc3014cf4cbd2323a08d3"
            },
            {
              "fixed": "274447f91b4037b7050ae634879b657554523b39"
            }
          ],
          "repo": "https://github.com/scottcwang/openssh_key_parser",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.0.1",
        "0.0.2",
        "0.0.3",
        "0.0.4",
        "0.0.5"
      ]
    }
  ],
  "aliases": [
    "CVE-2022-31124",
    "GHSA-hm37-9xh2-q499"
  ],
  "details": "openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue.",
  "id": "PYSEC-2022-233",
  "modified": "2023-05-25T05:07:00Z",
  "published": "2022-07-06T18:15:00Z",
  "references": [
    {
      "type": "FIX",
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499"
    },
    {
      "type": "WEB",
      "url": "https://github.com/scottcwang/openssh_key_parser/pull/5"
    },
    {
      "type": "FIX",
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3"
    },
    {
      "type": "FIX",
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39"
    }
  ]
}

gsd-2022-31124

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2022-31124

Aliases

CVE-2022-31124

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-31124",
    "description": "openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue.",
    "id": "GSD-2022-31124"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-31124"
      ],
      "details": "openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue.",
      "id": "GSD-2022-31124",
      "modified": "2023-12-13T01:19:18.124628Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2022-31124",
        "STATE": "PUBLIC",
        "TITLE": "Possible leak of key\u0027s raw field if declared length is incorrect in openssh_key_parser"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "openssh_key_parser",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c 0.0.6"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "scottcwang"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-209: Generation of Error Message Containing Sensitive Information"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499",
            "refsource": "CONFIRM",
            "url": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499"
          },
          {
            "name": "https://github.com/scottcwang/openssh_key_parser/pull/5",
            "refsource": "MISC",
            "url": "https://github.com/scottcwang/openssh_key_parser/pull/5"
          },
          {
            "name": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3",
            "refsource": "MISC",
            "url": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3"
          },
          {
            "name": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39",
            "refsource": "MISC",
            "url": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39"
          },
          {
            "name": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c",
            "refsource": "MISC",
            "url": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-hm37-9xh2-q499",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c0.0.6",
          "affected_versions": "All versions before 0.0.6",
          "cvss_v2": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-209",
            "CWE-937"
          ],
          "date": "2022-07-14",
          "description": "openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue.",
          "fixed_versions": [
            "0.0.6"
          ],
          "identifier": "CVE-2022-31124",
          "identifiers": [
            "CVE-2022-31124",
            "GHSA-hm37-9xh2-q499"
          ],
          "not_impacted": "All versions starting from 0.0.6",
          "package_slug": "pypi/openssh-key-parser",
          "pubdate": "2022-07-06",
          "solution": "Upgrade to version 0.0.6 or above.",
          "title": "Generation of Error Message Containing Sensitive Information",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2022-31124",
            "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c",
            "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499",
            "https://github.com/scottcwang/openssh_key_parser/pull/5",
            "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3",
            "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39"
          ],
          "uuid": "fb39440d-7d2a-47ac-a64a-036fca447134"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openssh_key_parser_project:openssh_key_parser:*:*:*:*:*:python:*:*",
                "cpe_name": [],
                "versionEndExcluding": "0.0.6",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-31124"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "openssh_key_parser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field. Users are advised to upgrade to version 0.0.6, which no longer includes the raw field value in the error message. There are no known workarounds for this issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-209"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c"
            },
            {
              "name": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499"
            },
            {
              "name": "https://github.com/scottcwang/openssh_key_parser/pull/5",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Third Party Advisory"
              ],
              "url": "https://github.com/scottcwang/openssh_key_parser/pull/5"
            },
            {
              "name": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3"
            },
            {
              "name": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-07-14T14:22Z",
      "publishedDate": "2022-07-06T18:15Z"
    }
  }
}

ghsa-hm37-9xh2-q499

Vulnerability from github

Published

2022-07-06 19:24

Modified

2024-10-07 21:17

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N

Summary

Possible leak of key's raw field if declared length is incorrect

Details

Impact

If a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key's sensitive field can thus expose the raw value of that field.

Patches

Upgrade to version 0.0.6, which no longer includes the raw field value in the error message.

Workarounds

N/A

References

N/A

For more information

If you have any questions or comments about this advisory: * Open an issue in openssh_key_parser

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "openssh-key-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-31124"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-209"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-07-06T19:24:12Z",
    "nvd_published_at": "2022-07-06T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nIf a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key\u0027s sensitive field can thus expose the raw value of that field.\n\n### Patches\nUpgrade to version 0.0.6, which no longer includes the raw field value in the error message.\n\n### Workarounds\nN/A\n\n### References\nN/A\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [openssh_key_parser](https://github.com/scottcwang/openssh_key_parser)\n",
  "id": "GHSA-hm37-9xh2-q499",
  "modified": "2024-10-07T21:17:17Z",
  "published": "2022-07-06T19:24:12Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/scottcwang/openssh_key_parser/security/advisories/GHSA-hm37-9xh2-q499"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31124"
    },
    {
      "type": "WEB",
      "url": "https://github.com/scottcwang/openssh_key_parser/pull/5"
    },
    {
      "type": "WEB",
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/26e0a471e9fdb23e635bc3014cf4cbd2323a08d3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/274447f91b4037b7050ae634879b657554523b39"
    },
    {
      "type": "WEB",
      "url": "https://github.com/scottcwang/openssh_key_parser/commit/d5b53b4b7e76c5b666fc657019dbf864fb04076c"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/openssh-key-parser/PYSEC-2022-233.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/scottcwang/openssh_key_parser"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Possible leak of key\u0027s raw field if declared length is incorrect"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2022-31124 (GCVE-0-2022-31124)

Vulnerability from cvelistv5

fkie_cve-2022-31124

Vulnerability from fkie_nvd

pysec-2022-233

Vulnerability from pysec

gsd-2022-31124

Vulnerability from gsd

ghsa-hm37-9xh2-q499

Vulnerability from github

Impact

Patches

Workarounds

References

For more information

Tags

Sightings

Nomenclature